From f5dbb363f45c6b06ee53c3ffe25f15022fb98104 Mon Sep 17 00:00:00 2001
From: sadnub <josh@torchlake.com>
Date: Mon, 1 May 2023 10:32:21 -0400
Subject: [PATCH] install script fixes

---
 .../commands/generate_json_schemas.py         |  2 +-
 .../commands/setup_reporting_permissions.py   | 40 +++++++++++++
 .../commands/setup_reporting_user.py          | 57 -------------------
 install.sh                                    | 29 +++++++++-
 update.sh                                     | 16 +++++-
 5 files changed, 82 insertions(+), 62 deletions(-)
 create mode 100644 api/tacticalrmm/ee/reporting/management/commands/setup_reporting_permissions.py
 delete mode 100644 api/tacticalrmm/ee/reporting/management/commands/setup_reporting_user.py

diff --git a/api/tacticalrmm/ee/reporting/management/commands/generate_json_schemas.py b/api/tacticalrmm/ee/reporting/management/commands/generate_json_schemas.py
index 950594a9..b9b6b728 100644
--- a/api/tacticalrmm/ee/reporting/management/commands/generate_json_schemas.py
+++ b/api/tacticalrmm/ee/reporting/management/commands/generate_json_schemas.py
@@ -15,7 +15,7 @@ from ...constants import REPORTING_MODELS
 class Command(BaseCommand):
     help = "Generate JSON Schemas"
 
-    def handle(self) -> None:
+    def handle(self, *args, **kwargs) -> None:
         generate_schema()
 
 
diff --git a/api/tacticalrmm/ee/reporting/management/commands/setup_reporting_permissions.py b/api/tacticalrmm/ee/reporting/management/commands/setup_reporting_permissions.py
new file mode 100644
index 00000000..77f084f3
--- /dev/null
+++ b/api/tacticalrmm/ee/reporting/management/commands/setup_reporting_permissions.py
@@ -0,0 +1,40 @@
+"""
+Copyright (c) 2023-present Amidaware Inc.
+This file is subject to the EE License Agreement.
+For details, see: https://license.tacticalrmm.com/ee
+"""
+
+from django.core.management.base import BaseCommand
+from django.conf import settings as djangosettings
+from psycopg2 import connect
+from ...constants import REPORTING_MODELS
+
+
+class Command(BaseCommand):
+    help = "Setup reporting databases and users"
+
+    def handle(self, *args, **kwargs) -> None:
+        try:
+            trmm_db_conn = djangosettings.DATABASES["default"]
+            trmm_reporting_conn = djangosettings.DATABASES["reporting"]
+            conn = connect(
+                dbname=trmm_db_conn["NAME"], # type: ignore
+                user=trmm_db_conn["USER"], # type: ignore
+                host=trmm_db_conn["HOST"], # type: ignore
+                password=trmm_db_conn["PASSWORD"], # type: ignore
+                port=trmm_db_conn["PORT"], # type: ignore
+            )
+            cursor = conn.cursor()
+            sql_commands = ("""""")
+            for model, app in REPORTING_MODELS:
+                sql_commands += (
+                    f"""GRANT SELECT ON {app}_{model.lower()} TO {trmm_reporting_conn["USER"]};\n""" # type: ignore
+                )
+
+            cursor.execute(sql_commands)
+            cursor.execute("COMMIT")
+            cursor.close()
+            conn.close()
+        except Exception as error:
+            self.stderr.write(str(error))
+
diff --git a/api/tacticalrmm/ee/reporting/management/commands/setup_reporting_user.py b/api/tacticalrmm/ee/reporting/management/commands/setup_reporting_user.py
deleted file mode 100644
index 30cd4d19..00000000
--- a/api/tacticalrmm/ee/reporting/management/commands/setup_reporting_user.py
+++ /dev/null
@@ -1,57 +0,0 @@
-"""
-Copyright (c) 2023-present Amidaware Inc.
-This file is subject to the EE License Agreement.
-For details, see: https://license.tacticalrmm.com/ee
-"""
-
-from django.core.management.base import BaseCommand
-from django.conf import settings as djangosettings
-from psycopg2 import connect
-from ...settings import settings as reportingsettings
-from ...constants import REPORTING_MODELS
-
-
-class Command(BaseCommand):
-    help = "Setup reporting databases and users"
-
-    def handle(self) -> None:
-        try:
-            self.trmm_db_conn = djangosettings.DATABASES["default"]
-            self.conn = connect(
-                dbname=self.trmm_db_conn["NAME"], # type: ignore
-                user=self.trmm_db_conn["USER"], # type: ignore
-                host=self.trmm_db_conn["HOST"], # type: ignore
-                password=self.trmm_db_conn["PASSWORD"], # type: ignore
-                port=self.trmm_db_conn["PORT"], # type: ignore
-            )
-            self.cursor = self.conn.cursor()
-            self.create_reporting_db_user()
-
-            self.cursor.close()
-            self.conn.close()
-        except Exception as error:
-            self.stderr.write(str(error))
-
-    def create_reporting_db_user(self) -> None:
-        role_name = "role_reporting"
-        trmm_database_name = self.trmm_db_conn["NAME"] # type: ignore
-        reporting_user = reportingsettings.REPORTING_DB_USER
-        reporting_password = reportingsettings.REPORTING_DB_PASSWORD
-
-        sql_commands = f"""CREATE ROLE {role_name};\n"""
-        sql_commands += (
-            f"""GRANT CONNECT ON DATABASE {trmm_database_name} TO {role_name};\n"""
-        )
-        sql_commands += f"""GRANT USAGE ON SCHEMA public TO {role_name};\n"""
-
-        for model, app in REPORTING_MODELS:
-            sql_commands += (
-                f"""GRANT SELECT ON {app}_{model.lower()} TO {role_name};\n"""
-            )
-
-        sql_commands += (
-            f"""CREATE USER {reporting_user} WITH PASSWORD {reporting_password};\n"""
-        )
-
-        self.cursor.execute(sql_commands)
-        self.cursor.execute("COMMIT")
diff --git a/install.sh b/install.sh
index be9b47d9..7674573f 100644
--- a/install.sh
+++ b/install.sh
@@ -1,7 +1,24 @@
 #!/usr/bin/env bash
 
+REPO=amidaware
+BRANCH=master
+while [[ $# -gt 0 ]]; do
+  case $1 in
+    -r|--repo)
+      REPO="$2"
+      shift # past argument
+      shift # past value
+      ;;
+    -b|--branch)
+      BRANCH="$2"
+      shift # past argument
+      shift # past value
+      ;;
+  esac
+done
+
 SCRIPT_VERSION="78"
-SCRIPT_URL='https://raw.githubusercontent.com/amidaware/tacticalrmm/master/install.sh'
+SCRIPT_URL="https://raw.githubusercontent.com/${REPO}/tacticalrmm/${BRANCH}/install.sh"
 
 sudo apt install -y curl wget dirmngr gnupg lsb-release ca-certificates
 
@@ -317,13 +334,18 @@ sudo -u postgres psql -c "GRANT ALL PRIVILEGES ON DATABASE meshcentral TO ${MESH
 sudo -u postgres psql -c "ALTER DATABASE meshcentral OWNER TO ${MESHPGUSER}"
 sudo -u postgres psql -c "GRANT USAGE, CREATE ON SCHEMA PUBLIC TO ${MESHPGUSER}"
 
+print_green 'Creating reporting user'
+sudo -u postgres psql -c "CREATE USER ${pgreportingusername} WITH PASSWORD '${pgreportingpw}'"
+sudo -u postgres psql -c "GRANT CONNECT ON DATABASE tacticalrmm TO ${pgreportingusername}"
+sudo -u postgres psql -c "GRANT USAGE ON SCHEMA public TO ${pgreportingusername}"
+
 print_green 'Cloning repos'
 
 sudo mkdir /rmm
 sudo chown ${USER}:${USER} /rmm
 sudo mkdir -p /var/log/celery
 sudo chown ${USER}:${USER} /var/log/celery
-git clone https://github.com/amidaware/tacticalrmm.git /rmm/
+git clone https://github.com/${REPO}/tacticalrmm.git /rmm/
 cd /rmm
 git config user.email "admin@example.com"
 git config user.name "Bob"
@@ -489,6 +511,7 @@ WHEEL_VER=$(grep "^WHEEL_VER" "$SETTINGS_FILE" | awk -F'[= "]' '{print $5}')
 sudo mkdir -p /opt/tactical/reporting
 sudo mkdir -p /opt/tactical/reporting/assets
 sudo mkdir -p /opt/tactical/reporting/schemas
+sudo chown ${USER}:${USER} /opt/tactical
 
 cd /rmm/api
 python3.11 -m venv env
@@ -504,7 +527,7 @@ python manage.py create_uwsgi_conf
 python manage.py load_chocos
 python manage.py load_community_scripts
 python manage.py generate_json_schemas
-python manage.py setup_reporting_user
+python manage.py setup_reporting_permissions
 WEB_VERSION=$(python manage.py get_config webversion)
 printf >&2 "${YELLOW}%0.s*${NC}" {1..80}
 printf >&2 "\n"
diff --git a/update.sh b/update.sh
index 366fbb05..37d27ea6 100644
--- a/update.sh
+++ b/update.sh
@@ -345,10 +345,18 @@ nats_api='/usr/local/bin/nats-api'
 sudo cp /rmm/natsapi/bin/${natsapi} $nats_api
 sudo chown ${USER}:${USER} $nats_api
 sudo chmod +x $nats_api
+echo 'Checking for reporting connection'
 CHECK_REPORTING_DB_CONNECTION=$(grep 'reporting': /rmm/api/tacticalrmm/tacticalrmm/local_settings.py)
 if ! [[ $CHECK_REPORTING_DB_CONNECTION ]]; then
   pgreportingusername=$(cat /dev/urandom | tr -dc 'a-z' | fold -w 8 | head -n 1)
   pgreportingpw=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 20 | head -n 1)
+
+  echo 'Creating reporting user'
+  sudo -u postgres psql -c "CREATE USER ${pgreportingusername} WITH PASSWORD '${pgreportingpw}'"
+  sudo -u postgres psql -c "GRANT CONNECT ON DATABASE tacticalrmm TO ${pgreportingusername}"
+  sudo -u postgres psql -c "GRANT USAGE ON SCHEMA public TO ${pgreportingusername}"
+
+  echo 'Creating reporting connection'
   reportingconnection="$(
     cat <<EOF
     DATABASES['reporting'] = {
@@ -390,6 +398,12 @@ if [ ! -d /opt/tactical/reporting/assets ]; then
   sudo mkdir -p /opt/tactical/reporting/assets
 fi
 
+if [ ! -d /opt/tactical/reporting/assets ]; then
+  sudo mkdir -p /opt/tactical/reporting/schemas
+fi
+
+sudo chgrp -R ${USER}:${USER} /opt/tactical
+
 python manage.py pre_update_tasks
 celery -A tacticalrmm purge -f
 python manage.py migrate
@@ -402,7 +416,7 @@ python manage.py create_natsapi_conf
 python manage.py create_uwsgi_conf
 python manage.py clear_redis_celery_locks
 python manage.py generate_json_schemas
-python manage.py setup_reporting_user
+python manage.py setup_reporting_permissions
 python manage.py post_update_tasks
 API=$(python manage.py get_config api)
 WEB_VERSION=$(python manage.py get_config webversion)